#!/bin/bash

set -eufx

echo foobar | passwd --stdin root

dnf -y remove firewalld
iptables -F

dnf -y update
dnf -y install freeipa-server freeipa-server-dns bind bind-dyndb-ldap

hostnamectl set-hostname f0.cockpit.lan

# Let's make sure that ipa-server-install doesn't block on
# /dev/random.
#
rm -f /dev/random
ln -s /dev/urandom /dev/random

ipa-server-install -U -p foobarfoo -a foobarfoo -n cockpit.lan -r COCKPIT.LAN --setup-dns --no-forwarders

# Make sure any initial password change is overridden
printf 'foobarfoo\nfoobarfoo\nfoobarfoo\n' | kinit admin@COCKPIT.LAN

ipa dnsconfig-mod --forwarder=8.8.8.8
nmcli conn modify 'System eth0' ipv4.ignore-auto-dns yes
nmcli conn modify 'System eth0' ipv4.dns "10.111.112.100"

ln -sf ../selinux/config /etc/sysconfig/selinux
echo 'SELINUX=permissive' > /etc/selinux/config

# reduce image size
dnf clean all
/var/lib/testvm/zero-disk.setup
